New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: when crossDomain is using default the X-Requested-With header is no longer added incorrectly #6691
fix: when crossDomain is using default the X-Requested-With header is no longer added incorrectly #6691
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -279,7 +279,20 @@ export function fromAjax<T>(config: AjaxConfig): Observable<AjaxResponse<T>> { | |
// Here we're pulling off each of the configuration arguments | ||
// that we don't want to add to the request information we're | ||
// passing around. | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Just realised this should move down? |
||
const { queryParams, body: configuredBody, headers: configuredHeaders, ...remainingConfig } = config; | ||
const configWithDefaults = { | ||
// Default values | ||
async: true, | ||
crossDomain: true, | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Moving this up here changes some of the conditional branches below, and therefor would (from what I can tell) result in a breaking change. Please see the changes to your PR in the new PR (linked in my other comment) Thanks! :) There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Hi @benlesh - Which conditionals does it change? I thought I checked and it will only change the crossDomain conditional to use the correct default. The default of crossDomain always has been true. Otherwise every single CORS request will default to sending a preflight which is a breaking change from v6. See here default in v6: https://github.com/ReactiveX/rxjs/blob/6.x/src/internal/observable/dom/AjaxObservable.ts#L163 There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Checking I can see only two parts of this used below: withCredentials and crossDomain. The former defaults false and so when it was undefined would mean no logic change so exact same behaviour. So the only impact is crossDomain, which as noted should default true not false to match v6 and behave as expected. |
||
withCredentials: false, | ||
method: 'GET', | ||
timeout: 0, | ||
responseType: 'json' as XMLHttpRequestResponseType, | ||
|
||
// Override with passed user values | ||
...config, | ||
}; | ||
|
||
const { queryParams, body: configuredBody, headers: configuredHeaders, ...remainingConfig } = configWithDefaults; | ||
|
||
let { url } = remainingConfig; | ||
if (!url) { | ||
|
@@ -334,7 +347,7 @@ export function fromAjax<T>(config: AjaxConfig): Observable<AjaxResponse<T>> { | |
// None of this is necessary, it's only being set because it's "the thing libraries do" | ||
// Starting back as far as JQuery, and continuing with other libraries such as Angular 1, | ||
// Axios, et al. | ||
if (!config.crossDomain && !('x-requested-with' in headers)) { | ||
if (!configWithDefaults.crossDomain && !('x-requested-with' in headers)) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Maybe to match the below conditional should use remainingConfig |
||
headers['x-requested-with'] = 'XMLHttpRequest'; | ||
} | ||
|
||
|
@@ -353,16 +366,8 @@ export function fromAjax<T>(config: AjaxConfig): Observable<AjaxResponse<T>> { | |
const body = extractContentTypeAndMaybeSerializeBody(configuredBody, headers); | ||
|
||
const _request: AjaxRequest = { | ||
// Default values | ||
async: true, | ||
crossDomain: true, | ||
withCredentials: false, | ||
method: 'GET', | ||
timeout: 0, | ||
responseType: 'json' as XMLHttpRequestResponseType, | ||
|
||
// Override with passed user values | ||
...remainingConfig, | ||
// Take the final configuration | ||
...configWithDefaults, | ||
|
||
// Set values we ensured above | ||
url, | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This hopefully helps understand why I had to update many tests. It shows the bad behaviour in 4 lines -
crossDomain
istrue
but at the same time we were expecting the header that should never be sent whencrossDomain
istrue